Patient privacy is under siege, and the latest intrusion is by states that are building massive databases of patient records. That is the view of the Association of American Physicians and Surgeons (AAPS), which has filed an amicus brief with the US Supreme Court, in support of patient privacy.

It says about 16 states are constructing healthcare databases to monitor their residents, and that this puts patients' privacy at grave risk of disclosures that could ruin their careers.

In what could be a pivotal case, a federal appellate court, the Second Circuit, had blocked enforcement of Vermont's database requirement against Liberty Mutual Insurance Company, and the court cited privacy concerns as a reason.

"Vermont requires ERISA plans to record, in specified format, massive amounts of claims information and to report that information to third parties, creating significant (and obvious) privacy risks and financial burdens," the Second Circuit held. But Vermont appealed this case to the US Supreme Court, which granted cert.

Now the AAPS is urging the court to protect patient privacy by dismissing the appeal.

"Privacy of patient medical records cannot be protected in these massive government databases," said AAPS General Counsel Andrew Schlafly. "Hacking is widespread, and studies have shown that it is easy to re-identify patients even after many personal identifiers are removed."

The amicus brief filed by AAPS explains how a team of researchers at Harvard demonstrated that it was possible to re-identify the governor of a state as the patient for medical records despite the removal of several personal identifiers.

AAPS suggests that other organizations concerned about patient privacy consider filing their own amicus briefs in this landmark case before the Supreme Court.

The Supreme Court is expected to schedule oral argument in this case for sometime this fall. The deadline for other groups to file an amicus brief in support of patient privacy is in mid-October.